製品・ソフトウェアに関する情報

JVN脆弱性詳細

複数の VMware 製品のゲスト仮想デバイスドライバにおけるサービス運用妨害 (DoS) の脆弱性

タイトル	複数の VMware 製品のゲスト仮想デバイスドライバにおけるサービス運用妨害 (DoS) の脆弱性
概要	VMware Workstation、VMware Player、VMware ACE、VMware Server、VMware Fusion、VMware ESXi、および VMware ESX のゲスト仮想デバイスドライバには、サービス運用妨害 (ホスト OS クラッシュ) 状態となる脆弱性が存在します。
想定される影響	ゲスト OS ユーザにより、サービス運用妨害 (ホスト OS クラッシュ) 状態にされる可能性があります。
対策	ベンダ情報および参考情報を参照して適切な対策を実施してください。
公表日	2009年4月3日0:00
登録日	2012年6月26日16:02
最終更新日	2012年6月26日16:02

CVSS2.0 : 警告
スコア	4.6
ベクター	AV:L/AC:L/Au:S/C:N/I:N/A:C

影響を受けるシステム

VMware

VMware ACE 1.0.8 build 125922 未満、2.5.1 およびそれ以前の 2.x

VMware ESX 3.0.2、3.0.3、および 3.5

VMware ESXi 3.5

VMware Player 1.0.9 build 126128 未満、2.5.1 およびそれ以前の 2.x

VMware Server 1.0.8 build 126538 未満の 1.x、2.0.1 build 156745 およびそれ以前の 2.0.x

VMware Workstation 5.5.9 build 126128 未満、6.5.1 およびそれ以前の 6.x

CVE (情報セキュリティ共通脆弱性識別子)

No	名前	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2008-4916	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4916
National Vulnerability Database (NVD)
2	CVE-2008-4916	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4916

CWE (共通脆弱性タイプ一覧)

No	名前	URL
JVNDB
1	CWE-noinfo	https://www.ipa.go.jp/security/vuln/CWE.html#CWEnoinfo

ベンダー情報

No	名前	URL
VMware
1	VMSA-2009-0005	http://www.vmware.com/security/advisories/VMSA-2009-0005.html

変更履歴

No	変更内容	変更日
0	[2012年06月26日] 掲載	2018年2月17日10:37

NVD脆弱性情報

CVE-2008-4916

概要	Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (host OS crash) via unknown vectors.
公表日	2009年4月7日0:30
登録日	2021年1月29日13:44
最終更新日	2017年9月29日10:32

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:emc:vmware_player::::::::
cpe:2.3:a:vmware:vmware_ace:1.0:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.2:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.3:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.4:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.5:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.7:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.8:::::::*
cpe:2.3:a:vmware:vmware_ace:2.0.1:::::::*
cpe:2.3:a:vmware:vmware_ace:2.0.2:::::::*
cpe:2.3:a:vmware:vmware_ace:2.0.3:::::::*
cpe:2.3:a:vmware:vmware_ace:2.0.5:::::::*
cpe:2.3:a:vmware:vmware_ace:2.5:::::::*
cpe:2.3:a:vmware:vmware_ace:2.5.1:::::::*
cpe:2.3:a:vmware:vmware_esx:3.0.2:::::::*
cpe:2.3:a:vmware:vmware_esx:3.0.3:::::::*
cpe:2.3:a:vmware:vmware_esx:3.5:::::::*
cpe:2.3:a:vmware:vmware_esxi:3.5:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.0:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.1:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.2:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.3:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.4:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.5:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.6:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.7:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.8:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.9:::::::*
cpe:2.3:a:vmware:vmware_player:1.01:::::::*
cpe:2.3:a:vmware:vmware_player:1.05:::::::*
cpe:2.3:a:vmware:vmware_player:2.0:::::::*
cpe:2.3:a:vmware:vmware_player:2.0.1:::::::*
cpe:2.3:a:vmware:vmware_player:2.0.2:::::::*
cpe:2.3:a:vmware:vmware_player:2.0.3:::::::*
cpe:2.3:a:vmware:vmware_player:2.0.4:::::::*
cpe:2.3:a:vmware:vmware_player:2.0.5:::::::*
cpe:2.3:a:vmware:vmware_player:2.5:::::::*
cpe:2.3:a:vmware:vmware_player:2.5.1:::::::*
cpe:2.3:a:vmware:vmware_server:1.0:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.0:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.1:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.2:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.3:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.4:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.5:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.6:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.7:::::::*
cpe:2.3:a:vmware:vmware_server:1.05:::::::*
cpe:2.3:a:vmware:vmware_server:2.0:::::::*
cpe:2.3:a:vmware:vmware_workstation:4.5.3:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.0:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.0:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.1:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.2:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.3:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.4:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.5:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.6:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.7:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.8:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.0.45731:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.1:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.2:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.3:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.4:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.4:build_93057::::::
cpe:2.3:a:vmware:vmware_workstation:6.0.5:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.03:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.5:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.5.1:::::::*

構成1	以上	以下	より上	未満
cpe:2.3:a:emc:vmware_player::::::::
cpe:2.3:a:vmware:vmware_ace:1.0:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.2:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.3:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.4:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.5:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.7:::::::*
cpe:2.3:a:vmware:vmware_ace:1.0.8:::::::*
cpe:2.3:a:vmware:vmware_ace:2.0.1:::::::*
cpe:2.3:a:vmware:vmware_ace:2.0.2:::::::*
cpe:2.3:a:vmware:vmware_ace:2.0.3:::::::*
cpe:2.3:a:vmware:vmware_ace:2.0.5:::::::*
cpe:2.3:a:vmware:vmware_ace:2.5:::::::*
cpe:2.3:a:vmware:vmware_ace:2.5.1:::::::*
cpe:2.3:a:vmware:vmware_esx:3.0.2:::::::*
cpe:2.3:a:vmware:vmware_esx:3.0.3:::::::*
cpe:2.3:a:vmware:vmware_esx:3.5:::::::*
cpe:2.3:a:vmware:vmware_esxi:3.5:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.0:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.1:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.2:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.3:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.4:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.5:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.6:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.7:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.8:::::::*
cpe:2.3:a:vmware:vmware_player:1.0.9:::::::*
cpe:2.3:a:vmware:vmware_player:1.01:::::::*
cpe:2.3:a:vmware:vmware_player:1.05:::::::*
cpe:2.3:a:vmware:vmware_player:2.0:::::::*
cpe:2.3:a:vmware:vmware_player:2.0.1:::::::*
cpe:2.3:a:vmware:vmware_player:2.0.2:::::::*
cpe:2.3:a:vmware:vmware_player:2.0.3:::::::*
cpe:2.3:a:vmware:vmware_player:2.0.4:::::::*
cpe:2.3:a:vmware:vmware_player:2.0.5:::::::*
cpe:2.3:a:vmware:vmware_player:2.5:::::::*
cpe:2.3:a:vmware:vmware_player:2.5.1:::::::*
cpe:2.3:a:vmware:vmware_server:1.0:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.0:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.1:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.2:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.3:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.4:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.5:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.6:::::::*
cpe:2.3:a:vmware:vmware_server:1.0.7:::::::*
cpe:2.3:a:vmware:vmware_server:1.05:::::::*
cpe:2.3:a:vmware:vmware_server:2.0:::::::*
cpe:2.3:a:vmware:vmware_workstation:4.5.3:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.0:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.0:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.1:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.2:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.3:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.4:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.5:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.6:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.7:::::::*
cpe:2.3:a:vmware:vmware_workstation:5.5.8:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.0.45731:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.1:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.2:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.3:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.4:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.0.4:build_93057::::::
cpe:2.3:a:vmware:vmware_workstation:6.0.5:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.03:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.5:::::::*
cpe:2.3:a:vmware:vmware_workstation:6.5.1:::::::*

No	URL	refsource
1	http://lists.vmware.com/pipermail/security-announce/2009/000054.html	MLIST
2	http://seclists.org/fulldisclosure/2009/Apr/0036.html	FULLDISC
3	http://security.gentoo.org/glsa/glsa-201209-25.xml	GENTOO
4	http://www.securityfocus.com/bid/34373	BID
5	http://www.securitytracker.com/id?1021973	SECTRACK
6	http://www.vmware.com/security/advisories/VMSA-2009-0005.html	CONFIRM
7	http://www.vupen.com/english/advisories/2009/0944	VUPEN
8	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6439	OVAL